VA

Open to opportunities

Vania Abbas

@vaniaabbas

Aspiring cyber security engineer skilled in vulnerability testing and API security.

What I'm looking for

I’m looking to join a security team where I can test real systems—focusing on vulnerabilities, API security, and log analysis—while growing under experienced professionals and expanding my SOC and attack-simulation skills.

I’m a cyber security graduate building hands-on capability through vulnerability identification, API security testing, and OWASP Top 10 risk validation.

In my recent Quality Assurance Engineer role, I identified high-severity CVE vulnerabilities in production systems, validated payment workflows against OWASP Top 10 and PCI DSS requirements, and uncovered broken access control and authentication edge cases across iOS, Android, and web apps. I also tested backend APIs with Postman to expose authorization flaws and sensitive data exposure issues, and I logged and triaged 300+ defects end-to-end in JIRA.

Earlier, as a Cyber Security Engineer, I executed 100+ manual and automated test cases across SaaS web and mobile platforms and performed API functional, security, stress, and load testing using JMeter to evaluate API resilience. I’m especially motivated by practical security work—home SOC labs, log analysis, and attack simulation—and I build projects like a Breach and Attack Simulation Platform that integrates the MITRE Caldera API and supports adversary-profile agent deployment.

Experience

Work history, roles, and key accomplishments

SI

Current

Quality Assurance Engineer

Current

Shawarmer / Food IT

Oct 2025 - Present (6 months)

Identified high-severity CVE vulnerabilities in production systems and validated payment workflows against OWASP Top 10 and PCI DSS, uncovering critical business-logic and sensitive data exposure issues. Tested broken access control and authentication edge cases across iOS/Android/web, and logged 300+ defects in JIRA end to end.

OWASP Top 10 PCI DSS Authentication Postman

BP

Cyber Security Engineer

Bug Bug Babies & Sahara Pink

Aug 2024 - Jan 2025 (5 months)

Executed 100+ manual and automated test cases across SaaS web and mobile platforms, documenting 65+ defects in JIRA with detailed reproduction steps. Conducted API functional, security, stress, and load testing using JMeter and collaborated in Agile/Scrum to prioritize remediation by risk and business impact.

Manual Testing API Testing JMeter Load Testing Jira

Education

Degrees, certifications, and relevant coursework

FS

FAST–National University of Computer and Emerging Sciences

Bachelor of Cybersecurity, Cybersecurity

2021 - 2025

Grade: Dean’s List (Fall 2024); CGPA: 2.97

Bachelor’s degree in Cybersecurity at FAST–NUCES. Earned Dean’s List (Fall 2024) and a CGPA of 2.97.

Tech stack

Software and tools used professionally

Postman

Splunk

MongoDB

Gmail

NestJS

Jira

JavaScript

Wireshark

iOS

Windows

SQL

Burp Suite

Metasploit

Bash

Wazuh

Remote

X++

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!